Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInBeyond Colonial Pipeline, Ransomware Cyberattacks Are a Growing Threat – WSJ
The cyberattack that knocked offline an essential U.S. gasoline pipeline shows how the dangerous, professional-scale hack-for-ransom threat is spreading rapidly, targeting companies, schools, hospitals and other institutions. While ransomware has been a challenge for small businesses for years, a confluence of factors have emboldened attackers in the past year, culminating in the shutdown Friday of […]
U.S. Pipeline Shutdown Exposes Cyber Threat to Energy Sector – WSJ
The ransomware attack that forced the closure of the largest U.S. fuel pipeline this weekend showed how cybercriminals pose a far-reaching threat to the aging, vulnerable infrastructure that keeps the nation’s energy moving. Colonial Pipeline Co. closed its entire 5,500-mile conduit carrying gasoline and other fuels from the Gulf Coast to the New York metro […]
Corporate boards are better at cybersecurity but still need improvement | Security Magazine
This year, Gartner – the world’s leading IT research company – came out with a prediction that upon inspection says a lot about how the highest level of corporate management views cybersecurity risk. It wasn’t that this has become the second-highest source of risk for the enterprise, and could become the riskiest of all. This […]
RTF Report: Combatting Ransomware
Ransomware is no longer just a financial crime; it is an urgent national security risk that threatens schools, hospitals, businesses, and governments across the globe. This is not a problem that any one entity can solve. Over 60 experts from industry, government, law enforcement, civil society, and international organizations worked together to produce this comprehensive […]
The Case For and Against Criminalizing Ransomware – Infosecurity Magazine
Earlier this year, the former CEO of the UK National Cyber Security Centre (NCSC), Ciaran Martin, spoke on the ransomware issue, arguing that it is being fuelled because there is no legal barrier to ransomware victims paying and then claiming back the expense on insurance. He argues that this means victims are incentivized to pay […]
Incident response pros seek to prove due diligence after OFAC advisory
Being coerced into paying a large ransomware demand is bad enough. Having to pay a large civil penalty on top of that for transacting with a federally sanctioned cybercriminal group is even worse. Looking to avoid such fines, incident response (IR) experts are advocating for improvements to ransomware response protocols, including additional oversight and demonstrable […]
Cybersecurity Docket Announces ‘Incident Response 40’ for 2021
Announcing Cybersecurity Docket’s Incident Response 40 for 2021!
Cyber Breach Disclosures Still Take More Than a Month – CFO
After being discovered, cybersecurity breaches are not consistently disclosed promptly, found an Audit Analytics study of public companies released on Friday. On average, publicly held companies took 53 days to disclose a breach incident after discovering it. The 53-day average disclosure timeframe is less than the 10-year average of 67 days, but it is the third-highest […]
BitPay Agrees to Pay $507,375 to Settle OFAC Sanctions Violations – Corruption, Crime & Compliance
The Treasury Department’s Office of Foreign Asset Control continues to focus enforcement activities on digital currency companies. This focus is likely to increase given recent comments by Janet Yellen, the head of the Treasury department, criticizing digital currencies and the utility of this rapidly growing new technology. Last year, OFAC announced an enforcement action against […]
Acer hacked by ransomware gang demanding $50m ransom | TechRadar
The notorious REvil ransomware gang has reportedly attacked Taiwanese PC vendor Acer, demanding a $50 million ransom of cryptocurrency Monero to decrypt its computers. Working with a malware intelligence analyst from Malwarebytes, cyber-intelligence news site The Record, was able to track down a portal operated by the REvil gang that clearly spells the ransom, which […]
March 25 Webcast: Navigating Federal Cybersecurity Issues in High Risk Times
Please join Luke Tenery, Scott Boylan and Evan Wolff of this free webcast.
Virginia governor signs comprehensive data privacy law | TheHill
Virginia Gov. Ralph Northam (D) signed the Consumer Data Protection Act on Tuesday, making Virginia the second state in the U.S. to pass a comprehensive data privacy law. The bill will give consumers the right to opt out of having their personal data processed for targeted advertising and the right to confirm if their data […]
Who Has Standing in a Data Breach Litigation? In The Third Circuit, Fear of Speculative Future Harm Still Doesn’t Cut It | Consumer Privacy World
As the number of data breaches continue to rise, so too will the number of lawsuits filed. As CPW previously reported, the number of data breaches in 2020 was more than double that of 2019. One can only wonder what 2021 will bring. Yet with this increase in data breach litigation, a recent opinion within […]
California DMV hit by data breach, exposing millions of drivers’ personal information to hackers
A billing contractor, the Seattle-based Automatic Funds Transfer Services, was hit by a ransomware attack in early February. The DMV has worked with the organization since mid-2019 “to correct and verify vehicle registration addresses,” according to the department. KFSN in Fresno reports that the affected data includes 20 months’ worth of California vehicle registration records […]
Jones Day Hit by Data Breach as Vendor Accellion Hack Widens
Law firm Jones Day says hackers got their hands on confidential client data and firm communications when an outside vendor’s file transfer system was breached. Jones Day is the second major law firm in two weeks to have private data exposed as a result of a breach at Accellion, which provides file transfer and other […]